Re: [chrony-users] chrony messages not getting to server.

[Bill Unruh <unruh@xxxxxxxxxxxxxx>]

Can I get chrony to listen on more than one port?


William G. Unruh __| Canadian Institute for|____ Tel: +1(604)822-3273
Physics&Astronomy _|___ Advanced Research _|____ Fax: +1(604)822-5324
UBC, Vancouver,BC _|_ Program in Cosmology |____ unruh@xxxxxxxxxxxxxx
Canada V6T 1Z1 ____|____ and Gravity ______|_ www.theory.physics.ubc.ca/

On Mon, 7 Mar 2022, Miroslav Lichvar wrote:

> [CAUTION: Non-UBC Email]
>
> On Fri, Mar 04, 2022 at 01:34:52AM -0800, Bill Unruh wrote:
> > My home  firewall must be, since other remote systems work fine. How can I
> > test whether it is open on the server? I assume telnet 123 uses tcp.
> > How do I send a udp packet to test whether it gets through?
>
> A good way to test that is with mtr in the UDP mode:
>
> mtr -u -P 123 $SERVER_IP
>
> Try it also on a different port and compare the results. It will
> probably be shorter for the port 123, indicating a firewall on the
> path specifically blocking NTP packets. That's unfortunately quite
> common among ISPs as a mitigation against amplification attacks
> exploiting the ntpd's mode 6 of the protocol.
>
> If it's your NTP server, you can move it to a different port with the
> port directive and specify the port number on clients with the port
> option.
>
> --
> Miroslav Lichvar
>
>
> --
> To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
> with "unsubscribe" in the subject.
> For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
> with "help" in the subject.
> Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

--
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.